Highlight deprecated features

We have quite a list of deprecated options currently. Ensure this is highlighted both in documentation and code. This patch builds on the wiki page [1] enlisting all deprecated features and their status. There are also some options not listed here, as there exists patches in release/2.4 which awaits an update for git master. [1] https://community.openvpn.net/openvpn/wiki/DeprecatedOptions Signed-off-by: David Sommerseth <davids@openvpn.net> Acked-by: Steffan Karger <steffan@karger.me> Message-Id: <20170815215451.21662-1-davids@openvpn.net> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg15261.html Signed-off-by: David Sommerseth <davids@openvpn.net> (cherry picked from commit 6e4a817589de85481a5cbfe5bcae4fa872c9fb5d)
author: David Sommerseth 2017-08-15 23:54:51 +0200
committer: David Sommerseth 2017-08-17 16:09:23 +0200
commit: e710d709b7e604abd1e86b6fc04695a472aed977 (patch)
tree: 804e47c3a63e7a9e461a7e88b876aac7023cea12 /src/openvpn/options.c
parent: d47228e71de6cbbf860746a50a3ecf8025e35653 (diff)
download: openvpn-e710d709b7e604abd1e86b6fc04695a472aed977.zip
openvpn-e710d709b7e604abd1e86b6fc04695a472aed977.tar.gz
1 files changed, 8 insertions, 6 deletions
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index ee53adf..a92702e 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -415,8 +415,9 @@ static const char usage_message[] =
     "                  client instance.\n"
     "--ifconfig-pool start-IP end-IP [netmask] : Set aside a pool of subnets\n"
     "                  to be dynamically allocated to connecting clients.\n"
-    "--ifconfig-pool-linear : Use individual addresses rather than /30 subnets\n"
-    "                  in tun mode.  Not compatible with Windows clients.\n"
+    "--ifconfig-pool-linear : (DEPRECATED) Use individual addresses rather \n"
+    "                  than /30 subnets\n in tun mode.  Not compatible with\n"
+    "                  Windows clients.\n"
     "--ifconfig-pool-persist file [seconds] : Persist/unpersist ifconfig-pool\n"
     "                  data to file, at seconds intervals (default=600).\n"
     "                  If seconds=0, file will be treated as read-only.\n"
@@ -434,7 +435,7 @@ static const char usage_message[] =
     "                  Only valid in a client-specific config file.\n"
     "--disable       : Client is disabled.\n"
     "                  Only valid in a client-specific config file.\n"
-    "--client-cert-not-required : Don't require client certificate, client\n"
+    "--client-cert-not-required : (DEPRECATED) Don't require client certificate, client\n"
     "                  will authenticate using username/password.\n"
     "--verify-client-cert [none|optional|require] : perform no, optional or\n"
     "                  mandatory client certificate verification.\n"
@@ -455,7 +456,7 @@ static const char usage_message[] =
     "                  with those of the server will be disconnected.\n"
     "--auth-user-pass-optional : Allow connections by clients that don't\n"
     "                  specify a username/password.\n"
-    "--no-name-remapping : Allow Common Name and X509 Subject to include\n"
+    "--no-name-remapping : (DEPRECATED) Allow Common Name and X509 Subject to include\n"
     "                      any printable character.\n"
     "--client-to-client : Internally route client-to-client traffic.\n"
     "--duplicate-cn  : Allow multiple clients with the same common name to\n"
@@ -539,7 +540,7 @@ static const char usage_message[] =
     "--prng alg [nsl] : For PRNG, use digest algorithm alg, and\n"
     "                   nonce_secret_len=nsl.  Set alg=none to disable PRNG.\n"
 #ifdef HAVE_EVP_CIPHER_CTX_SET_KEY_LENGTH
-    "--keysize n     : Size of cipher key in bits (optional).\n"
+    "--keysize n     : (DEPRECATED) Size of cipher key in bits (optional).\n"
     "                  If unspecified, defaults to cipher-specific default.\n"
 #endif
 #ifndef ENABLE_CRYPTO_MBEDTLS
@@ -564,7 +565,7 @@ static const char usage_message[] =
     "(These options are meaningful only for TLS-mode)\n"
     "--tls-server    : Enable TLS and assume server role during TLS handshake.\n"
     "--tls-client    : Enable TLS and assume client role during TLS handshake.\n"
-    "--key-method m  : Data channel key exchange method.  m should be a method\n"
+    "--key-method m  : (DEPRECATED) Data channel key exchange method.  m should be a method\n"
     "                  number, such as 1 (default), 2, etc.\n"
     "--ca file       : Certificate authority file in .pem format containing\n"
     "                  root certificate.\n"
@@ -6591,6 +6592,7 @@ add_option(struct options *options,
     {
         VERIFY_PERMISSION(OPT_P_GENERAL);
         options->topology = TOP_P2P;
+        msg(M_WARN, "DEPRECATED OPTION: --ifconfig-pool-linear, use --topology p2p instead");
     }
     else if (streq(p[0], "ifconfig-ipv6-pool") && p[1] && !p[2])
     {
author	David Sommerseth	2017-08-15 23:54:51 +0200
committer	David Sommerseth	2017-08-17 16:09:23 +0200
commit	e710d709b7e604abd1e86b6fc04695a472aed977 (patch)
tree	804e47c3a63e7a9e461a7e88b876aac7023cea12 /src/openvpn/options.c
parent	d47228e71de6cbbf860746a50a3ecf8025e35653 (diff)
download	openvpn-e710d709b7e604abd1e86b6fc04695a472aed977.zip openvpn-e710d709b7e604abd1e86b6fc04695a472aed977.tar.gz